Merge pull request #2460 from deathbaba/android-http-redirect-workaround

Android http redirect workaround.
author: Ilya Zverev <ilya@zverev.info> 2016-03-24 15:57:21 +0300
committer: Ilya Zverev <ilya@zverev.info> 2016-03-24 15:57:21 +0300
commit: 144ffca86bf247bc6cc2799cd3bdf340e3b6fb82 (patch)
tree: 2f608f13f0d9916bde7127fd522de5486047574f /editor
parent: 49b594e35f5d8f6f9fa6117ce01f17acf2521141 (diff)
parent: 3aa532f31fc2d07a0c6a5eaa7080aa331f0d6aca (diff)
2 files changed, 28 insertions, 17 deletions
diff --git a/editor/osm_auth.cpp b/editor/osm_auth.cpp
index ab7739e1a4..cceb0f7263 100644
--- a/editor/osm_auth.cpp
+++ b/editor/osm_auth.cpp
@@ -53,12 +53,6 @@ string BuildPostRequest(map<string, string> const & params)
   return result;
 }
 
-// Trying to determine whether it's a login page.
-bool IsLoggedIn(string const & contents)
-{
-  return contents.find("<form id=\"login_form\"") == string::npos;
-}
-
 // TODO(AlexZ): DebugPrint doesn't detect this overload. Fix it.
 string DP(alohalytics::HTTPClientPlatformWrapper const & request)
 {
@@ -173,35 +167,50 @@ bool OsmOAuth::LoginUserPassword(string const & login, string const & password,
     {"authenticity_token", sid.m_token}
   };
   HTTPClientPlatformWrapper request(m_baseUrl + "/login");
-  request.set_body_data(BuildPostRequest(params), "application/x-www-form-urlencoded");
-  request.set_cookies(sid.m_cookies);
+  request.set_body_data(BuildPostRequest(params), "application/x-www-form-urlencoded")
+         .set_cookies(sid.m_cookies)
+         .set_handle_redirects(false);
   if (!request.RunHTTPRequest())
     MYTHROW(NetworkError, ("LoginUserPassword Network error while connecting to", request.url_requested()));
-  if (request.error_code() != HTTP::OK)
+
+  // At the moment, automatic redirects handling is buggy on Androids < 4.4.
+  // set_handle_redirects(false) works only for Android code, iOS one (and curl) still automatically follow all redirects.
+  if (request.error_code() != HTTP::OK && request.error_code() != HTTP::Found)
     MYTHROW(LoginUserPasswordServerError, (DP(request)));
 
   // Not redirected page is a 100% signal that login and/or password are invalid.
   if (!request.was_redirected())
     return false;
-  // Parse redirected page contents to make sure that it's not some router in-between.
-  return IsLoggedIn(request.server_response());
+
+  // Check if we were redirected to some 3rd party site.
+  if (request.url_received().find(m_baseUrl) != 0)
+    MYTHROW(UnexpectedRedirect, (DP(request)));
+
+  // m_baseUrl + "/login" means login and/or password are invalid.
+  return request.server_response().find("/login") == string::npos;
 }
 
 bool OsmOAuth::LoginSocial(string const & callbackPart, string const & socialToken, SessionID const & sid) const
 {
   string const url = m_baseUrl + callbackPart + socialToken;
   HTTPClientPlatformWrapper request(url);
-  request.set_cookies(sid.m_cookies);
+  request.set_cookies(sid.m_cookies)
+         .set_handle_redirects(false);
   if (!request.RunHTTPRequest())
     MYTHROW(NetworkError, ("LoginSocial Network error while connecting to", request.url_requested()));
-  if (request.error_code() != HTTP::OK)
+  if (request.error_code() != HTTP::OK && request.error_code() != HTTP::Found)
     MYTHROW(LoginSocialServerError, (DP(request)));
 
   // Not redirected page is a 100% signal that social login has failed.
   if (!request.was_redirected())
     return false;
-  // Parse redirected page contents to make sure that it's not some router in-between.
-  return IsLoggedIn(request.server_response());
+
+  // Check if we were redirected to some 3rd party site.
+  if (request.url_received().find(m_baseUrl) != 0)
+    MYTHROW(UnexpectedRedirect, (DP(request)));
+
+  // m_baseUrl + "/login" means login and/or password are invalid.
+  return request.server_response().find("/login") == string::npos;
 }
 
 // Fakes a buttons press to automatically accept requested permissions.
@@ -219,8 +228,9 @@ string OsmOAuth::SendAuthRequest(string const & requestTokenKey, SessionID const
     {"commit", "Save changes"}
   };
   HTTPClientPlatformWrapper request(m_baseUrl + "/oauth/authorize");
-  request.set_body_data(BuildPostRequest(params), "application/x-www-form-urlencoded");
-  request.set_cookies(sid.m_cookies);
+  request.set_body_data(BuildPostRequest(params), "application/x-www-form-urlencoded")
+         .set_cookies(sid.m_cookies)
+         .set_handle_redirects(false);
   if (!request.RunHTTPRequest())
     MYTHROW(NetworkError, ("SendAuthRequest Network error while connecting to", request.url_requested()));
 
diff --git a/editor/osm_auth.hpp b/editor/osm_auth.hpp
index f7850d177d..ccdbb81aec 100644
--- a/editor/osm_auth.hpp
+++ b/editor/osm_auth.hpp
@@ -19,6 +19,7 @@ public:
   enum HTTP : int
   {
     OK = 200,
+    Found = 302,
     BadXML = 400,
     BadAuth = 401,
     Redacted = 403,
author	Ilya Zverev <ilya@zverev.info>	2016-03-24 15:57:21 +0300
committer	Ilya Zverev <ilya@zverev.info>	2016-03-24 15:57:21 +0300
commit	144ffca86bf247bc6cc2799cd3bdf340e3b6fb82 (patch)
tree	2f608f13f0d9916bde7127fd522de5486047574f /editor
parent	49b594e35f5d8f6f9fa6117ce01f17acf2521141 (diff)
parent	3aa532f31fc2d07a0c6a5eaa7080aa331f0d6aca (diff)